Graylog2/graylog2-server
View on GitHubSupport Bearer Tokens for authenticating instead of using a token in basic auth
Open
#5,167 opened on Oct 1, 2018
featuregood first issuetriaged
Repository metrics
- Stars
- (6,945 stars)
- PR merge metrics
- (Avg merge 8d 19h) (297 merged PRs in 30d)
Description
Expected Behavior
When a user creates a token which can be used for authentication, it should be accepted by the server when passed as part of a Authentication: Bearer <Token> header.
Current Behavior
For token authentication, the server expects basic auth with the username set to the token and password to token. This is rather proprietary. Additionally, some systems which are otherwise capable of speaking to Graylog (e.g. the telegraf prometheus plugin speaking to the Graylog prometheus metrics reporter do not work due to the nonacceptance of Bearer Tokens.
Possible Solution
Steps to Reproduce (for bugs)
Context
Your Environment
- Graylog Version:
- Elasticsearch Version:
- MongoDB Version:
- Operating System:
- Browser version: